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DETAILED ACTION 

1. The communication is in response to Application No. 10/524854 filed 02/18/2005, 
claims 1-18 were cancelled and claims 19-36 were added by preliminary amendment. 
Claims 19-36 have been examined. 

Drawings 

2. The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they 
include the following reference character(s) not mentioned in the description: Figure 7. 
Corrected drawing sheets in compliance with 37 CFR 1 .121(d), or amendment to the 
specification to add the reference character(s) in the description in compliance with 37 CFR 
1.121(b) are required in reply to the Office action to avoid abandonment of the application. Any 
amended replacement drawing sheet should include all of the figures appearing on the immediate 
prior version of the sheet, even if only one figure is being amended. Each drawing sheet 
submitted after the filing date of an application must be labeled in the top margin as either 
"Replacement Sheet" or "New Sheet" pursuant to 37 CFR 1.121(d). If the changes are not 
accepted by the examiner, the applicant will be notified and informed of any required corrective 
action in the next Office action. The objection to the drawings will not be held in abeyance. 

Claim Objections 

3. Claim 20 is objected to because of the following informalities: spelling error "zero"(line 
4). Appropriate correction is required. 

4. Claims 26-28 are objected to under 37 CFR 1 .75(c), as being of improper 
dependent form for failing to further limit the subject matter of a previous claim. 
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Applicant is required to cancel the claim(s), or amend the claim(s) to place the claim(s) 
in proper dependent form, or rewrite the claim(s) in independent form. 

5. In this case, claim 25 from which claims 26-28 depend on is directed to a 
machine category patentable subject matter claim, i.e. "the data processing device". 

The limitations of claim 25 further limit the data processing device, with the browser and 
plug-in contained therein, as such the claim is hereby for the purposes of examination 
treated as a machine claim, i.e. "data processing device" claim. In accordance with 37 
CFR 1.75(c) one or more claims may be presented in dependent form, referring back to 
and further limiting another claim(s) in the same application. Further, "a claim in a 
dependent form shall be construed to incorporate by reference all the limitations of the 
claim to which it refers" and requires the dependent claim to further limit the subject 
matter claimed (see MPEP 2164.08). 

6. Specifically, dependent claims 26-28 do not refer back to and/or further limit the data 
processing device, rather these claims refer back to and further limits the "computer resource", as 
such these claims are deemed to be in improper dependent form for failing to further limit the 
claimed subject matter of a previous claim. 

7. Regarding claim 36 is objected because specifying, "create, in a browser" does not make 
any sense in terms of one ordinary skill in the art. Browsers are just a piece of software accessing 
internet websites thus, not containing any physical memory where it can store information. 

Claim Objections - 35 USC § 112 
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8. Claims 24, 26 and 31 are objected under 35 U.S.C. 1 12, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter which was 
not described in the specification in such a way as to enable one skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and/or use the invention. The words 
"manager" and "entity" are unclear in defining what they are in the specification. 

Claim Rejections - 35 USC § 112 

9. Claims 19-26, 28-31, 33, and 34-36 are rejected under 35 U.S.C. 1 12, first paragraph, as 
failing to comply with the enablement requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to enable one skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and/or use the invention. For 
example in claim 19, it appears that the subject matter that is claims "browser comprising private 
zones" provided in this invention can not be implemented due to the fact that a browser is a piece 
of software that is non-tangible and as such can not hold computer-readable medium. Therefore, 
the claimed invention is inoperative and lacks enablement. 

10. According to applicants specification, a browser comprising of "private zones" where the 
zones are assigned an area of memory within the set of resources to store data. Each private zone 
is secured using an access key that can enable the 'transmission of data across from browser to 
any resource. The subject matter as claimed is uncertain to one of ordinary skilled at the time the 
invention was made as to how a browser consisting of "private zones" that hold memory. 
Browsers are based on software used to view and interact with various types of resources. 
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Browsers have no physical memory that can store information. One from the ordinary skill in the 
art could understand that browsers provide an easy to use interface for accessing data. 

11. Regarding claims 19-23, 25, 29-33, 35, and 36, the same subject matter is substantially 
recited, and similar rationale is applicable. For the purposes of examination, the browser does not 
contain or hold memory or perform memory functions. Therefore, the browser and zones are 
separate elements in the claims disclosed. 

Claim Rejections - 35 USC § 101 

12. Claim 35 is rejected under 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

In this case, computer plug-ins are software related that are non-statutory categories when 
claimed as descriptive material per se (see Warmerdam, 33 F.3d at 1360 USPQ2d at 1 759), 
falling under the "process" category (i.e. inventions at that consist of a series of steps or acts to 
be performed). See 35 U.S.C. 100(b) ("The term process means, art, or method, and includes a 
new of a known process, machine, manufacture, composition of matter or material"). Functional 
descriptive material: "data structure" representing descriptive per se (i.e. software per se) when 
embodied in a computer-readable media are still not statutory because they are not capable of 
causing functional change in the computer. However, a claimed computer-readable storage 
medium encoded with a data structure, computer listing or computer program, having defined 
structural and functional interrelationships between the data structure, computer listing or 
computer program and the computer software and hardware component, which permit the data 
structure's, listing or program's functionally to be realized, is statutory (see MPEP §2106). 



Claim Rejections - 35 USC §102 
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13. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made inlthis Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in ( 1 ) an application for patent, published under section 1 22(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the: invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United Statesionly if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

14. Claim 19, 24, 25, 36 are rejected under 35 'U.S.C. 102(e) as being anticipated by Harris et 
al. (US 2004/0034559). 

Regarding claim 19, Harris discloses a data processing device (i.e. computer, abstract) 
configured to communicate with a plurality of resources (i.e. websites, abstract) via a browser, 
comprising: 

the browser (abstract) comprising a first private zone and a second private zone 
(consisting of first region and the second region, abstract), wherein the first private zone and the 
second private zone are each configured to be allocated to a respective set of resources of the 
plurality of resources ("the formatted web pages of the content-based website are transmitted 
from the online publisher server computer for display in the first region of the client computer 
for browser display screen. . .", abstract) to store information; and 

a plug-in(wherein a plug-in is interpreted to be a software program that provides added 
functionally to larger applications such as the application to display the regions in Harris, figure 
2B) configured to ensure that the respective set ofiresources communicate exclusively 
(communicating independently, abstract) with the Ifirst private zone allocated to the respective set 
of resources (abstract). 



Application/Control Number: 10/524,854 Page 7 

Art Unit: 2109 

15. Regarding claim 24, Harris discloses a data processing device (i.e. computer, abstract), 
further comprising: 

a manager comprising code instructions adapted to manage (formatting web pages is interpreted 
to be managing as well as "online publisher" and "online advertiser", 0026) use of the data 
processing device, wherein the plug-in (wherein ai plug-in is interpreted to be a software program 
that provides added functionally to larger applications such as the application to the regions in 
Harris, figure 2B) further comprises functionality to manage, upon request, allocation of the first 
private zone( regions, abstract) to the respective set of resources by supplying information to the 
respective set of resources, wherein information comprises a reference of the first private zone. 
Harris teaches formatted web pages, referring to web pages (resources) that are designed to be 
displayed in specific display regions of a single computer browser display screen (abstract, 
0013). Harris having a entity "online publisher" and "online advertiser" which manages the 
information where the regions exclusively are transmitted to websites, [0026]. 

16. Regarding claim 25, Harris teaches a computer resource (i.e.website, abstract) 
communicating with a data processing device (i.e. computer, abstract) via a network, wherein the 
data processing device comprises: 

a browser (abstract); and a plug-in (wherein a plug-in is interpreted to be a software 
program that provides added functionally to larger applications such as the application to the 
regions in Harris, figure 2B) which, when executed, is configured to obtain an allocation of a 
private zone (regions, abstract), wherein the allocation ensures that the communication between 
the private zone and the computer resource is exclusive (abstract). 
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1 7. Regarding claim 36, Harris teaches a computer readable medium, embodying instructions 
executable by the computer to perform method steps for communication using a data processing 
device (i.e. computer, abstract), the instructions comprising functionality to: 

create, in a browser, a first private zone and a second private zone, wherein each of the 
first private zone and the second private zone (first and second region, abstract, 0013) is 
configurable to be allocated to a respective set of resources and store security information 
ensuring secured communication between at least one of the first private zone and the second 
private zone and the respective set of resources (websites, abstract); 

allocate the first private zone to the respective set of resources; and 
communicate between the allocated private zone and the respective set of resources, 
wherein a plug-in (wherein a plug-in is interpreted! to be a software program that provides added 
functionally to larger applications such as the application to the regions in Harris's teachings) 
denies access during the communication to the second private zone, (page 6, claim 57) 



Claim Rejections - 35 USC § 103 
18. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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Claim 20-23, 26-35 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Harris et al. (US 2004/0034559) in view of Intel (Entrust Secure Web Portal Solution for 
Microsoft Windows NT, cited in IDS dated 6/15/06). 

19. Regarding claim 20, Harris taught the data processing device according to claim 19, as 
described above. Harris teaches wherein the plug-in (wherein a plug-in is interpreted to be a 
software program that provides added functionally to larger applications such as the application 
to the regions in Harris's teachings) comprises at least one input parameter, the first and second 
private zones of the browser (first and second region of the displayed browser, abstract). 

Harris does not explicitly disclose parameter corresponding to a zone access key, wherein 
a value of the zone access key is supplied through a secured transmission by the respective set of 
resources corresponding to the first private zone, after execution and depending on the zone 
access key, is able to authorize access to the first private zone and deny access to the second 
private zone. 

Intel discloses authentication to access the browser using zone access key for secured 
transmission by the respective set of resources corresponding to the private zones and after 
execution, depending on the zone access key, is able to authorize access to the first private zone 
and deny access to the second private zone ("If any test fails, access is denied and the user is 
redirected to an appropriate page", page 10). 

It would have been obvious to one ordinary skilled in the art at the time invention was 
made having the teachings of Harris and Intel before them, to modify Harris's teachings to 
include the zone access key to authorize access as taught in Intel in the private zones of Harris. 
One would be motivated to combine Harris's teachings with Intel's teachings because web-bases 
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services would agree that the advantages the content of web-based website communications 
would need the use of security keys that would reduce risks from unauthorized or undetected 
users to access displayed browser screens. (Intel, page 4) 

20. Regarding claim 21, Harris taught the data processing device (i.e. computer, 
abstract) of claim 20, as described above. Harris further teaches a corresponding 
allocated private zone from a group consisting of the first private zone and the second 
private zone (regions, abstract). (Harris discloses, la online publisher server and online 
advertiser server including a web based website storing memory where are formatted to 
be displayed from each server corresponding to the regions displayed on the browser, 
[0013]). 

Intel further teaches, wherein the respective set of resources performs 
authentication by transmitting a request to the browser prompting the user to enter the 
zone access key received, and if the access key is correct, (Intel states, "get Access can 
dramatically simplify the integration services of Web resources by. [page 9], the plug- 
in comprises code (wherein a plug-in is interpreted to be a software program that 
provides added functionally to larger applications such as the application to the regions 
in Harris, figure 2B) instructions adapted to manage authentication between the 
respective set of resources. 

It would have been obvious to one of ordinary skilled in the art at the time of 
invention made having the teachings of Harris and Intel before them, to modify Harris's 
teachings to include the zone access key to authorize access as taught in Intel in the 
private zones. One would be motivated to combine the teachings of Harris with the 
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teachings of Intel that deals with the performed authentication made by the user 
to enter an access key for displayed browser screen. 

21. Regarding claim 22, Harris taught the data processing device (i.e. computer, 
abstract) of claim 19, as described above. Harris teaches, wherein the first private zone 
and the second private zone are each configured to store information, ["including 
personalized information in the formatted marketing-based web pages, the personalized 
information being based on the stored data that is representative. . ." page 4. This deals 
with the regions that displayed within the browser screen, referring to claim 1], however 
Harris does not teach, wherein information comprises security information ensuring 
secured communication between at least one of a group consisting of the first private 
zone and the second private zone, and the respective set of resources. 

Intel teaches, wherein information comprises security information ensuring 
secured communication between at least one of a group consisting of the first private 
zone and the second private zone, and the respecti ve set of resources (security 
information ensuring the communication of the zones within the resources, page 15). 

It would have been obvious to one of ordinary skilled in the art at the time of 
invention made given that the teachings of Harris and Intel to modify the zones of Harris 
to include security information as taught by Intel. One would be motivated to combine 
this teachings with Intel teachings because it elaborates more on the security keys 
ensuring secured communication transmitting information on web based resources. 

22. Regarding claim 23, this claim comprises the data processing device according 
to claim 22, as described in both the two teachings above. Hanis teaches, wherein the 
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data processing device interprets code instructions and, is configured to manage the 
administration of the at least one of the first private zone and the second private zone 
as well as the use of application data in the at least one of the first private zone and the 
second private zone (regions, abstract) during a communication between the browser 
and the respective set of resources, however, Harris does not teach authentication and 
using security information stored in at least one of the first private zone and the second 
private zone. 

Intel teaches the authentication and using security information (i.e. access key, 
page 4) in the web-based websites. 

One would be motivated to combine these two teachings with regards to the 
above claims teaching data information within the regions and only accessed with 
secured keys to access in the displayed browser screen. Thereby, similar rationale of 
rejection is applicable as claim 22. 

23. Regarding claim 26, Harris teaches the computer resource according to claim 25, 
as described above. Harris teaches wherein the private zone is managed by an 
entity (i.e. online publisher, online advertiser, 0026), wherein the entity is configured to 
allocate the private zone (region, abstract) to the computer resource (website, [0026]), 
however does not teach transmits security parameters to the computer resource, 
wherein the parameters identify the private zone. 

Intel teaches transmits security parameters to the computer resource, wherein 
the parameters identify the private zone (page 10). 

It would have been obvious to one of ordinary skilled in the art at the time of 
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invention made given that the teachings of Harris having the teachings of Harris and 
Intel before them, to modify the zones to include transmitting security parameters as 
taught in Intel in the private zones managed by the online publisher and online 
advertiser of Harris. One would be motivated to combine the teaching of Harris with Intel 
that discusses the security parameters to access the data information. 

24. Regarding claim 27, Harris teaches the computer resource according to claim 26, 
wherein: the entity is further configured to transmit to the computer resource ([0026)], 
however, Harris does not teach, at least one master key previously stored in the private 
zone; and the at least one master key is configured to encrypt information transmitted 
between the private zone and the computer resource. 

Intel teaches, at least one master key previously stored in the private zone; and 
the at least one master key is configured to encrypt information transmitted between the 
private zone and the computer resource, [page 18] 

It would have been obvious to one of ordinary skilled in the art at the time of 
invention made given that the teachings of Harris and Intel before them, to modify the 
zones to include transmitting security parameters as taught in Intel in the private zones 
of Harris. The teachings of Intel elaborates more on access keys which encrypt 
information to be send out from where the regions are allocated to the computer 
resource (website, abstract). One would be motivated to combine these teaching in 
security communication dealing with information transmission. 

25. Regarding claim 28, the computer resource according to claim 25, further 
comprising: a secured means configured to transmit a key to the data processing device 
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to access the private zone, wherein the data processing device uses the key during 
communication to authenticate the private zone with the computer resource. (This claim 
comprises both the teachings which described above, thereby same rationale of 
rejection is applicable) 

26. Regarding claim 29, Harris teaches a data processing system (i.e. computer, 
abstract) comprising: 

a browser comprising a plurality of private zones; (region, abstract) and a data 
processing device configured to communicate with a plurality of sites via the browser, 
wherein each of the plurality of private zones is configured to be allocated to the 
plurality of sites, wherein the browser interprets code instructions stored on the data 
processing device ensuring that the plurality of sites communicates exclusively 
(independent, abstract) with an allocated private zone of the plurality of private 
zones.(abstract) 

However Harris does not teach store security information ensuring secured 
communication between the data processing device and the plurality of sites. Intel 
teaches the security information ensuring secured communication between the 
processing device and the websites (page 4). This claim can be referred to the claims 
described above, there by having the same rationale of rejection is applicable. 

27. Regarding claim 30, Harris teaches a method for communication using a data 
processing device (i.e. computer, abstract), comprising: 

creating, in a browser, a first private zone and a second private zone (first region 
and second region, abstract), wherein each of the first private zone and the second 
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private zone is configurable to be allocated to a respective set of resources, allocating 
the first private zone to the respective set of resources (abstract); 

communicating between the allocated private zone and the respective set of 
resources, wherein a plug-in denies access during ithe communication to the second 
private zone (abstract). 

However Harris does not teach store security information ensuring secured 
communication between at least one of the first private zone and the second private 
zone and the respective set of resources; ( However, these features are taught by Intel, 
as described above, page 4) 

28. Regarding claim 31, Harris teaches the method according to claim 30, wherein 
allocating the first private zone is managed by an entity, wherein the entity allocates the 
first private zone to the respective set of resources by supplying information comprising 
a reference of the first private zone. (This claim is similar to the claims above as 
described, same rationale of rejection is applicable). 

29. Regarding claim 32, Harris teaches the method according to claim 3 1 , wherein 
information supplied comprises a value of a master key stored in the first private zone, 
wherein the master key is able to encrypt information transmitted between the first 
private zone and the respective set of resources. (This claim is similar to the claims 
above as described, same rationale of rejection is applicable). 

30. Regarding claim 33, Harris teaches the method according to claim 30, as 
described above. Harris teaches, wherein the respective set of resources transmits, 
after execution, is able to ensure that the respective set of resources communicate 
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exclusively with the first private zone (abstract). 

However, Harris does not teach by a secured transmission means, an access 
key associated with the first private zone, wherein the access key is used to execute a 
plug-in (wherein a plug-in is interpreted to be a software program that provides added 
functionally to larger applications such as the application to the regions in Harris's 
teachings, figure 2B). 

Intel teaches secured transmission means, an access key associated with the 
first private zone, wherein the access key [page 10] is used to execute a plug-in 
(wherein a plug-in is interpreted to be a software program that provides added 
functionally to larger applications such as the application to the regions in Harris's 
teachings). 

It would have been obvious to one of ordinary skilled in the art at the time of 
invention made given that the teachings of Harris and Intel before them, to modify the 
zones to include transmitting security parameters as taught in Intel in the private zones 
of Harris. 

One would be motivated to combine these teachings of Harris and Intel, to 
modify the web access advantages of reliability and scalable performance while using 
security keys to access as taught in Intel in the private zones of Harris or deny the data zones 
(regions). 

3 1 . Regarding claim 34, the method according to claim 30, wherein, to open a 
secured transaction, the respective set of resources transmits a plug-in (wherein a plug- 
in is interpreted to be a software program that provides added functionally to larger 
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applications such as the application to the regions in Harris's teachings), wherein the 
plug-in is configured to check whether security information written in at least one from 
the group consisting of the first and second private zones (regions, abstract) 
corresponds to the security information stored in a memory attached to the respective 
set of resources.(These limitations in the claim is similar to the claims described above, 
thereby rationale of rejection is applicable). 

32. Regarding claim 35, Harris further teaches a computer plug-in (wherein a plug-in 
is interpreted to be a software program that provides added functionally to larger 
applications such as the application to the regions in Harris's teachings) for a data 
processing device (i.e. computer, abstract),wherein the data processing device is 
configured to communicate with a plurality of resources via a browser (abstract), 
wherein the browser comprises a plurality of private zones (regions, abstract), wherein 
each private zone is configured to be allocated to a respective set of resources and 
store information specific to the respective set of resources(abstract) 

Intel teaches, wherein the plug-in comprises at least one input parameter 
corresponding to a key to access at least one of the plurality of private zones (regions, 
abstract), wherein the value of the key is supplied to the data processing device by the 
respective set of resources, and wherein the plug-in, after execution, authorizes access 
to the at least one of the plurality of private zones iaccording to the key. (These 
limitations in the claim is similar to the claims described above, thereby rationale of 
rejection is applicable). 

One would be motivated to combine these to teachings of Harris and Intel before 
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them, to modify the reducing security risks using access keys as taught in Intel for the 
communication between the private zones (regions, abstract) and the web-based 
resource of Harris.. 



33. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Barak Nissan whose telephone number is (571)-270-3632. The 
examiner can normally be reached on Mon-Thrus'6:30am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Beatriz Prieto can be reached on (571)-272-3902. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Conclusion 



Barak Nissan 
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